Following on from my "getting Metaploitable2 running on KVM/QEMU" post, I thought I had better get round to trying to exploit some of the vulerabilities on this intentially vulnerable virtual machine. Easiest place to start (so I thought) would be the low hanging fruit of a poorly configured NFS server which …

Metsploitable Metasploitable 2 is an intentionally vulnerable Ubuntu Linux virtual machine that is designed for testing common vulnerabilities. This virtual machine (VM) is compatible with VMWare, VirtualBox, and other common virtualization platforms. From https://docs.rapid7.com/metasploit/metasploitable-2/ Download …

Introduction At work I recently had a query where Python Simple HTTP Server was not working for a particular application. On the Python console "HTTP 200" responses were seeing (HTTP code for 'OK'), but the connection failed. I also tested it with 'updog - again we saw HTTP 200 responses but the connection …

Regular Expression RegEx or Regular Expressions is a sequence of characters that specifies a search pattern in text. This can be used for finding strings of text in large files quickly and easily and can be used in conjunction with 'Find & Replace' operations. RegEx Basics In order to use RegEx in Notepad++ you …

Introduction Working with archives is something that I find myself doing when I am tweaking with things in my Linux environment or installing some tool that is not from a package manager. Every single time I do this, I find that I need to look up tutorials on how to work tar - I would have thought by now that I would …

Introduction Virtualisation is cool. Most of this site, so far, seems dedicated to it in some way so far! Up until this point, I have mainly focussed playing with Microsoft's Hyper-V (mainly in Windows 10 Pro), QEMU+KVM and a little dabble in to VMware's ESXi and Kubernetes. Recently though, my daughter decided that …

A Windows Server key will allow you to create a Windows virtual machine (the number of virtualised instances depends on if it is Esstentials, Standard or Datacenter and more information can be found at the Microsoft Product Licensing Page). In order for an OEM key to active, it must be able to see some BIOS …

A small note on what you can do to troubleshoot and diagnose issues with NVidia GPUs (NOTE: this is GPUs, not GFX cards). You can check for issues by using NVidia SMI or checking for Xid errors in the OS event logs: Use Nvidia SMI. Linux and Vmware nvidia-bug-report.sh Generates a diagnostic bundle Windows c:\Program …

In order to check that the correct firmware and matching driver is in use, you will need to refer to the VMware Hardware Compatibility List (HCL). In order to narrow down the search on the HCL, we need to obtain some values from the hardware. These are namely: VID (Vendor ID) DID (Device ID) SVID (Sub-Vendor ID) SSID …

I use VMware on my Raspberry Pi, however these do not quite have the capacity to run the SHD appliance, and as I have no other VMware host, I decided to see if I could run it on a QEMU host. Spoiler.... I can! and here is how to do it. Convert the downloaded .ova file to qcow2 format. See my previous post on how to do …